Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91EE09C/EEF762C0907511EE87D26680C4F9AE02/0CB012DAD3F611EEA1F79D4BC4F9AE02.roa
File:                     0CB012DAD3F611EEA1F79D4BC4F9AE02.roa (raw, json)
Hash identifier:          pab6NIcQvuv6qKiTj2vliJnUwSQ61e9UFRVBNRKqPis=
Subject key identifier:   C0:C2:27:04:55:AD:8A:B0:F2:77:1A:08:01:5D:01:11:11:AC:55:96
Certificate issuer:       /CN=A91EE09C/serialNumber=3C69B9B601D2C9F2A3915A6FFBCA3DAD62E99245
Certificate serial:       37
Authority key identifier: 3C:69:B9:B6:01:D2:C9:F2:A3:91:5A:6F:FB:CA:3D:AD:62:E9:92:45
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PGm5tgHSyfKjkVpv-8o9rWLpkkU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91EE09C/EEF762C0907511EE87D26680C4F9AE02/0CB012DAD3F611EEA1F79D4BC4F9AE02.roa
Signing time:             Sun 25 Feb 2024 15:53:42 +0000
ROA not before:           Sun 25 Feb 2024 15:53:42 +0000
ROA not after:            Fri 31 Jan 2025 00:00:00 +0000
asID:                     147179
IP address blocks:        203.99.145.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 06 Mar 2024 12:59:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 55 (0x37)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91EE09C/serialNumber=3C69B9B601D2C9F2A3915A6FFBCA3DAD62E99245
        Validity
            Not Before: Feb 25 15:53:42 2024 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=65db6286-fd09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:59:08:59:d7:71:cb:1b:ca:37:d5:21:5f:cf:
                    02:79:22:11:28:46:c1:46:4b:e6:d2:0e:d5:6a:79:
                    42:01:df:83:e3:96:b7:bd:76:9e:ed:61:97:04:d8:
                    af:ac:07:45:df:9e:41:89:9a:88:42:48:b1:29:3c:
                    d7:91:a7:36:08:16:e9:d0:10:41:fa:13:eb:02:cd:
                    93:94:eb:87:95:9e:e6:59:07:e0:f5:f6:12:64:a4:
                    9f:e1:b2:ee:f0:39:5c:bb:54:b9:2b:58:a4:4e:42:
                    a9:3c:3c:55:12:d5:92:61:04:e5:9a:f7:18:fd:80:
                    eb:3e:71:5e:74:87:43:5a:ef:b0:e8:e0:e6:61:87:
                    1e:e7:01:72:ae:37:10:8a:20:9b:0e:2f:35:db:53:
                    fe:99:79:d1:50:0b:18:86:6d:a7:90:2b:e1:83:e8:
                    db:1f:ff:3c:eb:30:ea:1d:7c:c1:71:f1:a7:8f:83:
                    e6:22:5d:fe:54:c6:d8:b4:48:0a:90:40:d2:e4:94:
                    e9:ec:1a:f9:fa:02:6c:82:d2:c8:85:d1:dc:9c:61:
                    aa:c7:73:d5:29:7a:43:41:b5:10:3f:bc:f2:df:85:
                    bd:aa:d5:cb:8d:7a:2f:ac:26:ce:21:0c:43:f1:47:
                    a5:ae:a5:fc:a6:1e:f2:9c:e8:d1:8d:fb:05:4d:db:
                    48:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:C2:27:04:55:AD:8A:B0:F2:77:1A:08:01:5D:01:11:11:AC:55:96
            X509v3 Authority Key Identifier:
                keyid:3C:69:B9:B6:01:D2:C9:F2:A3:91:5A:6F:FB:CA:3D:AD:62:E9:92:45

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91EE09C/EEF762C0907511EE87D26680C4F9AE02/PGm5tgHSyfKjkVpv-8o9rWLpkkU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PGm5tgHSyfKjkVpv-8o9rWLpkkU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EE09C/EEF762C0907511EE87D26680C4F9AE02/0CB012DAD3F611EEA1F79D4BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.99.145.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:0b:41:1c:bd:31:95:2c:53:5a:85:59:f8:18:1f:14:60:bb:
         b6:6c:ec:67:39:93:52:65:f2:06:fd:d6:81:62:07:c6:ff:fc:
         b0:f6:1b:8e:a2:83:0b:97:ba:f0:13:b0:9d:d2:79:34:c9:95:
         ea:0a:a7:f2:c4:76:c1:bd:d1:db:82:38:8c:3f:bd:30:0b:66:
         f1:3e:61:8f:af:c3:e0:e9:7c:f5:c8:08:8a:96:0b:68:6f:f3:
         5b:4b:10:ab:f3:d4:b8:a8:14:21:f0:fb:14:e3:b3:43:63:eb:
         44:4d:64:5b:02:23:62:19:69:a3:cb:fd:0e:c5:8c:68:0e:7f:
         56:a5:27:5b:7c:8c:78:71:4a:f2:36:99:dd:b1:99:45:19:0a:
         dd:72:c0:19:f8:ee:71:f2:77:4e:9e:f0:47:e7:6c:f1:2d:65:
         05:f6:aa:77:32:25:4a:09:c8:9f:3e:da:a8:35:3b:a2:b2:17:
         67:f8:0a:d8:ba:85:ac:44:de:54:6c:a1:c7:2a:8d:24:86:0f:
         91:5f:73:24:c1:c0:17:b8:2f:3a:cd:0b:f1:60:d9:40:48:9e:
         1a:1e:55:b8:35:1a:db:76:d1:bb:e9:91:d7:bd:26:42:9b:34:
         69:e0:1e:eb:ee:12:b4:fb:00:aa:74:0b:0b:1b:fe:08:35:20:
         c5:c6:c6:a4
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBNzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
RTA5QzExMC8GA1UEBRMoM0M2OUI5QjYwMUQyQzlGMkEzOTE1QTZGRkJDQTNEQUQ2
MkU5OTI0NTAeFw0yNDAyMjUxNTUzNDJaFw0yNTAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZGI2Mjg2LWZkMDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDGWQhZ13HLG8o31SFfzwJ5IhEoRsFGS+bSDtVqeUIB34Pjlre9dp7tYZcE2K+s
B0XfnkGJmohCSLEpPNeRpzYIFunQEEH6E+sCzZOU64eVnuZZB+D19hJkpJ/hsu7w
OVy7VLkrWKROQqk8PFUS1ZJhBOWa9xj9gOs+cV50h0Na77Do4OZhhx7nAXKuNxCK
IJsOLzXbU/6ZedFQCxiGbaeQK+GD6Nsf/zzrMOodfMFx8aePg+YiXf5Uxti0SAqQ
QNLklOnsGvn6AmyC0siF0dycYarHc9UpekNBtRA/vPLfhb2q1cuNei+sJs4hDEPx
R6WupfymHvKc6NGN+wVN20jzAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUwMInBFWt
irDydxoIAV0BERGsVZYwHwYDVR0jBBgwFoAUPGm5tgHSyfKjkVpv+8o9rWLpkkUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVFMDlDL0VFRjc2MkMwOTA3
NTExRUU4N0QyNjY4MEM0RjlBRTAyL1BHbTV0Z0hTeWZLamtWcHYtOG85cldMcGtr
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUEdtNXRnSFN5Zktqa1Zwdi04bzlyV0xwa2tVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
RTA5Qy9FRUY3NjJDMDkwNzUxMUVFODdEMjY2ODBDNEY5QUUwMi8wQ0IwMTJEQUQz
RjYxMUVFQTFGNzlENEJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMtjkTANBgkqhkiG9w0BAQsFAAOCAQEAQwtBHL0xlSxTWoVZ
+BgfFGC7tmzsZzmTUmXyBv3WgWIHxv/8sPYbjqKDC5e68BOwndJ5NMmV6gqn8sR2
wb3R24I4jD+9MAtm8T5hj6/D4Ol89cgIipYLaG/zW0sQq/PUuKgUIfD7FOOzQ2Pr
RE1kWwIjYhlpo8v9DsWMaA5/VqUnW3yMeHFK8jaZ3bGZRRkK3XLAGfjucfJ3Tp7w
R+ds8S1lBfaqdzIlSgnInz7aqDU7orIXZ/gK2LqFrETeVGyhxyqNJIYPkV9zJMHA
F7gvOs0L8WDZQEieGh5VuDUa23bRu+mR170mQps0aeAe6+4StPsAqnQLCxv+CDUg
xcbGpA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org